Documentation
¶
Index ¶
- Constants
- type Authorizer
- func (a *Authorizer) Authorize(ctx context.Context, principal *models.Principal, verb string, ...) error
- func (a *Authorizer) AuthorizeSilent(ctx context.Context, principal *models.Principal, verb string, ...) error
- func (a *Authorizer) FilterAuthorizedResources(ctx context.Context, principal *models.Principal, verb string, ...) ([]string, error)
- type Config
Constants ¶
View Source
const AnonymousPrincipalUsername = "anonymous"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Authorizer ¶
type Authorizer struct {
// contains filtered or unexported fields
}
Authorizer provides either full (admin) or no access
func (*Authorizer) Authorize ¶
func (a *Authorizer) Authorize(ctx context.Context, principal *models.Principal, verb string, resources ...string) error
Authorize will give full access (to any resource!) if the user is part of the admin list or no access at all if they are not
func (*Authorizer) AuthorizeSilent ¶ added in v1.28.5
type Config ¶
type Config struct {
Enabled bool `json:"enabled" yaml:"enabled"`
Users []string `json:"users" yaml:"users"`
ReadOnlyUsers []string `json:"read_only_users" yaml:"read_only_users"`
Groups []string `json:"groups" yaml:"groups"`
ReadOnlyGroups []string `json:"read_only_groups" yaml:"read_only_groups"`
}
Config makes every subject on the list an admin, whereas everyone else has no rights whatsoever
Source Files
Click to show internal directories.
Click to hide internal directories.